Hi Roy,
roy barnard wrote:
> Firstly, I can not get DL first boot to copy the initial config file 'etc.tar.bz2' onto my
> configuration media compact flash /dev/hdc2.
> Copy just silently fails.....
Fixed (I copied the config file to first available partition, and iso - to second.
So I didn't test the situation when iso and config on the same partition).
> My workaround is to copy etc.tar.bz2 onto second partition using the 'install-on-usb' script.
>
> Secondly, DL boot fails.
Fixed.
May I ask you to check how it works now?
--
Sincerely
Serge Leschinsky

Roy,
roy barnard wrote:
> Serge,
>
> I have re-synced scripts/loop-AES from cvs and tried again but this fails exactly the same way.
> Can't Find /dev/loop0
I'm sorry. I've added loop module loading to linuxrc. I hope it should help but
it isn't tested due to absence of time
Your report about problem with first coping etc.tar.bz2 has been confirmed. I
looked through the code but I haven't found obvious bugs. I hope to have more
spare time by the end of week and I'll try to catch the bug.
--
Sincerely
Serge Leschinsky

Hi,
I built another DL recently and have a few questions & suggestions. I don't
have time to send them all today, so I'll just start with two easy ones:
I had a pile of unlabeled CDs with different versions of DL on them and
needed the latest, so I put them in and looked at the boot screen.
The initial boot screen shows the boot options but not the DL version number
(any more). I guess the line with the version number was taken out back when
we patched in the VGA mode options. I attached a patch to show the version
number again on the main boot screen.
Could you upgrade hostapd to 0.5.8 ? I am building DL with madwifi & hostapd
for AP with a mini-PCI wlan card, but having little hardware stability
problems (nothing serious, just have to restart hostapd every hour, the log
error is "Hardware didn't respond as expected", hoping new versions will take
care of that...)
thanks,
Roland
--
ICQ UIN 49339118 Linux Counter #88774
GPG-Key 1024D/59C6AFA6 2003-02-07 Roland Pabel <roland@...>

Hi,
Serge Leschinsky wrote:
> Unfortunately kernel update hasn't helped. I made series
> 'mrproper-build-install-test iso' and may say that the thing which breaks the
> iptables functionality is patch-o-matic.
the module which breaks iptables functionality is extra/pptp-conntrack-nat.
Should we disable it or try to find update for the module?
--
Serge Leschinsky

On Thu, August 23, 2007 08:32, Bruce Smith wrote:
> Just a thought ... but where is the mysql user account info?
>
>
> If it's on LDAP or NIS or some other remote location which is not
> accessible at the time during boot when mysql starts, it may fall back to
> root as the user. If it's in the local passwd file, never mind. :-)
All local
> Other other thought is maybe grsecurity is screwing you up. Try the
> server edition?
Yeah that may be worth a try.
Will have to wait until my 1.3 compile finishes, so I can create a new
version with the latest sources.
--
Regards
Heiko Zuerker
http://www.devil-linux.org

Just a thought ... but where is the mysql user account info?
If it's on LDAP or NIS or some other remote location which is not
accessible at the time during boot when mysql starts, it may fall back
to root as the user. If it's in the local passwd file, never mind. :-)
Other other thought is maybe grsecurity is screwing you up. Try the
server edition?
- BS
> I have trouble getting mysql started on bootup, but once the system is up
> and I do it on the command line it works...
> I want to make sure it's not related to my machine. Anybody else
> experiencing this issue?
>
> This is from the mysql.err
> 070822 17:07:56 [ERROR] Fatal error: Please read "Security" section of the
> manual to find out how to run mysqld as root!
> 070822 17:07:56 [ERROR] Aborting
>
> When I start it manually everything is cool and the daemon runs under the
> mysql user.

Hey,
I have trouble getting mysql started on bootup, but once the system is up
and I do it on the command line it works...
I want to make sure it's not related to my machine. Anybody else
experiencing this issue?
This is from the mysql.err
070822 17:07:56 [ERROR] Fatal error: Please read "Security" section of the
manual to find out how to run mysqld as root!
070822 17:07:56 [ERROR] Aborting
When I start it manually everything is cool and the daemon runs under the
mysql user.
--
Regards
Heiko Zuerker
http://www.devil-linux.org

Hello,
roy barnard wrote:
>
> Firstly, I can not get DL first boot to copy the initial config file 'etc.tar.bz2' onto my
> configuration media compact flash /dev/hdc2.
> Copy just silently fails.....
> My workaround is to copy etc.tar.bz2 onto second partition using the 'install-on-usb' script.
I've tested it on CD - the file has been copied without problem. If I can find a
usb-drive I'll check it once again.
>
> Secondly, DL boot fails.
> This appears to be that 'mdev -s' fails to make /dev/loop0, so the cdrom image fails to mount.
> My workaround for this is to set INITRD_MODULES="loop" in /etc/sysconfig/config
> so 'load_modules' loads loop.ko and this populates /sys so 'mdev -s' makes the /dev/loop0
> Anybody point me in the right direction for the real fix for this?
It's my fault. I transfered loop module out of drivers/block/ dir...
It should be ok now. Please sync scripts/loop-AES from cvs and try again.
--
Serge Leschinsky

I have a some more build issues.
I deleted everything and stared will a completed fresh development download.
Staring point
lfssystem-SVN-20070314-cleaned.tar.bz2 with asm_types.h.patch
lftp-2.6.11.tar.bz2 compiled and installed
CVS taken on 18 August 2007.
Full DL Source download on 18 August 2007.
Used the default profile but unchecked "run build with nice"
unpack,build
ncftp Failed to compile...Set config file to NOT include ncftp!
(problem as I described in one of my previous emails)
build,install,iso,dist
Everything OK up to this point
I used 'install-on-usb' to set up my Compact flash...
Firstly, I can not get DL first boot to copy the initial config file 'etc.tar.bz2' onto my
configuration media compact flash /dev/hdc2.
Copy just silently fails.....
My workaround is to copy etc.tar.bz2 onto second partition using the 'install-on-usb' script.
Secondly, DL boot fails.
This appears to be that 'mdev -s' fails to make /dev/loop0, so the cdrom image fails to mount.
My workaround for this is to set INITRD_MODULES="loop" in /etc/sysconfig/config
so 'load_modules' loads loop.ko and this populates /sys so 'mdev -s' makes the /dev/loop0
Anybody point me in the right direction for the real fix for this?
Many Thanks,
Roy.
___________________________________________________________
Want ideas for reducing your carbon footprint? Visit Yahoo! For Good http://uk.promotions.yahoo.com/forgood/environment.html

Hi,
Oliver Niesner wrote:
> With a little luck the kernel update from Heiko will do the trick.
> Let me know if i can help out with testing etc.
Unfortunately kernel update hasn't helped. I made series
'mrproper-build-install-test iso' and may say that the thing which breaks the
iptables functionality is patch-o-matic.
Now we have to make other series of experiments to find what module does it.
I'd like to ask you (if it's possible) to check what group of p-o-m (
Netfilter updates patches
Netfilter pending patches
Netfilter base patches
Netfilter extra patches )
contains 'the bad module'.
Your help will be very appreciated!
--
Serge Leschinsky

Hello Borys!
Heiko Zuerker wrote on 14.08.2007 14:33 MET:
>
> can anybody comment on the request below?
> I'm not a quagga user, so it's hard for me to make a decision on this.
>
> ---------------------------- Original Message ----------------------------
> Subject: Quagga and realms
> From: "Borys Semenowicz" <bsemen@...>
> Date: Mon, August 13, 2007 03:07
> To: devil-linux-discuss-owner@...
> --------------------------------------------------------------------------
>
> Hi Im using DL since 0.5 ver, and have question:
> can quagga in DL support realms?
> (patch: http://vcalinus.gemenii.ro/quaggarealms.html)
> I need to transfer IP`s from BGP to iptables and htb,
> or otherwise use iptables with AS numbers.
Looking at <ftp://ftp.devil-linux.org/pub/devel/sources/1.2&gt; you will see
which quagga source we build on and which patches we apply to it.
Currently we don't include the patch mentioned. Might I therefore suggest
that you set up a build environment, include the aforementioned patch,
adapt the quagga build script and then submit a patch to it so we can
include the quagga patch into future releases.
--
MfG / Regards
Friedrich Lobenstock

Hey everyone,
can anybody comment on the request below?
I'm not a quagga user, so it's hard for me to make a decision on this.
Heiko
---------------------------- Original Message ----------------------------
Subject: Quagga and realms
From: "Borys Semenowicz" <bsemen@...>
Date: Mon, August 13, 2007 03:07
To: devil-linux-discuss-owner@...
--------------------------------------------------------------------------
Hi Im using DL since 0.5 ver, and have question:
can quagga in DL support realms?
(patch: http://vcalinus.gemenii.ro/quaggarealms.html)
I need to transfer IP`s from BGP to iptables and htb,
or otherwise use iptables with AS numbers.
Best regards
Borys Semenowicz
--
Regards
Heiko Zuerker
http://www.devil-linux.org

>
>> I've rebuilt ISO without l7 and got the same error. So, it's not l7. I
>> guess the downgrade iptables from 1.3.8 to 1.3.7 should fix this problem
>> but I consider it as a hot-fix. The proper way is to find what exactly
>> brakes nat functionality (imq patch?).
>>
>>
>> I'll try to fix it ASAP.
>>
>
> I'm currently updating DL with kernel 2.4.35, that may help too.
>
>
Thanks, Serge for verifying this!
I think the only problem is that iptables isn't compiled against the
right kernel sources.
I had no problems with layer7 and iptables-1.3.8 on a 2.6.22 kernel.
But i have no experience with 2.4 so far.
With a little luck the kernel update from Heiko will do the trick.
Let me know if i can help out with testing etc.
Oliver

On Fri, August 10, 2007 13:46, Serge Leschinsky wrote:
> Hi Oliver,
>
>
> Oliver Niesner wrote:
>
>> Hi, again!
>>
>>
>> After a clean build today i tested the new iso - everything looked
>> fine. But i found out that MASQUERADING doesn't work anymore.
>> I didn't change anything, nat/masquerading-modules are all loaded.
>> All i got is an "invalid argument" error.
>>
>>
>> Could it be that the latest layer7 changes broke something?
>>
> I've rebuilt ISO without l7 and got the same error. So, it's not l7. I
> guess the downgrade iptables from 1.3.8 to 1.3.7 should fix this problem
> but I consider it as a hot-fix. The proper way is to find what exactly
> brakes nat functionality (imq patch?).
>
>
> I'll try to fix it ASAP.
I'm currently updating DL with kernel 2.4.35, that may help too.
--
Regards
Heiko Zuerker
http://www.devil-linux.org

Hi Oliver,
Oliver Niesner wrote:
> Hi, again!
>
> After a clean build today i tested the new iso - everything looked fine.
> But i found out that MASQUERADING doesn't work anymore.
> I didn't change anything, nat/masquerading-modules are all loaded.
> All i got is an "invalid argument" error.
>
> Could it be that the latest layer7 changes broke something?
I've rebuilt ISO without l7 and got the same error. So, it's not l7. I guess the
downgrade iptables from 1.3.8 to 1.3.7 should fix this problem but I consider it
as a hot-fix. The proper way is to find what exactly brakes nat functionality
(imq patch?).
I'll try to fix it ASAP.
--
Serge Leschinsky

Heiko,
Heiko Zuerker wrote:
> Super FreeS/WAN and strongSwan both add additional patches. Some of the are
> X.509, NAT-Traversal, better crypto algorithms and more.
>
Oops... I'm so stupid... I've read the documents on web-site and I really like
the project (especially in part of XAUTH).
I'm voting to change open to super.
--
Serge Leschinsky

Hey,
Super FreeS/WAN and strongSwan both add additional patches. Some of the are
X.509, NAT-Traversal, better crypto algorithms and more.
Heiko
On Fri, August 10, 2007 00:58, Serge Leschinsky wrote:
> Hello Heiko,
>
>
> Are there any reasons to not use openswan? I use it for a quite long time
> and have no problem. I may be wrong but looks like we use exactly _open_
> swan in 1.2. Am I wrong?
>
> http://www.openswan.org/
>
>
> The current version of openswan is 2.4.9 (2.4.6 on DL ftp).
>
>
> Heiko Zuerker wrote:
>
>> Hey guys,
>>
>>
>> the Super FreeS/WAN doesn't seem to like the latest 2.4 kernel.
>> Looking
>> at their website it also didn't get updated. Does anybody have a problem
>> if I see if we can replace it with strongSwan ?
>>
>> URLs:
>> Super FreeS/WAN http://www.freeswan.ca/
>> strongSwan http://www.strongswan.org/
>
> --
> Serge Leschinsky
>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems? Stop.
> Now Search log events and configuration files using AJAX and a browser.
> Download your FREE copy of Splunk now >> http://get.splunk.com/
> _______________________________________________
> Devil-linux-develop mailing list
> Devil-linux-develop@...
> https://lists.sourceforge.net/lists/listinfo/devil-linux-develop
>
>
--
Regards
Heiko Zuerker
http://www.devil-linux.org

Hello Oliver,
Oliver Niesner wrote:
> Could it be that the latest layer7 changes broke something?
...
> I'm a little bit lost here, maybe someone can help to check this?
>
I'll check and send the report by the end of my day.
--
Sincerely
Serge Leschinsky